Garrett D'Amore wrote:
Darren J Moffat wrote:
James C. McPherson wrote:
Darren J Moffat wrote:
James C. McPherson wrote:
....
We've got a unique hash which identifies "binary X". We can create
a publishable mapping (ie, on sunsolve) between that hash and the
version of the source that it is based on.
Why is it needed that you map a given random binary to source files ?
The wsdiff tool may help here though.
ignore wsdiff for the moment, and remember that not everybody
out there in Services-land cares about the source, just the
mapping of patch numbers to bugids. That is why we need it.
Patch numbers to bugids is nothing to do with the source and sunsolve
already provides that mapping via the patch readmes.
No, the mapping that is needed, I believe, is patch numbers to binary
objects. (I.e. what version of the nfs patch am I running _right now_?)
Assuming what is in memory is what is on disk then showrev -p
gives you that.
We already have elfsign, and (almost) all binaries in Solaris are
signed, while this doesn't tell you what patch it came from it does tell
you that it is a "ligit" binary and not some random trojan, eg:
elfsign verify -v -e /usr/bin/ls
elfsign: verification of /usr/bin/ls passed.
format: rsa_md5_sha1.
signer: CN=SunOS 5.10, OU=Solaris Signed Execution, O=Sun Microsystems Inc.
Extending modinfo only helps kernel modules it doesn't help userland code.
--
Darren J Moffat
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
